How come I am able to delete asset in media library using cloudinary.uploader.destroy() API with no explicit signature?
On the NodeJS SDK, I can make a post request like so:
const response = await fetch(
'http://mycloudfunciton/setSignature',
{
method: 'GET'
}
)
const signature = response.json.signature
await fetch(
'http://mycloudfunction/deleteAsset',
{
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({
public_id: this.imageSrc.public_id,
signature
})
}
)
And my cloud function looks like so:
cloudinary.v2.uploader.destroy(
req.body.public_id,
{
invalidate: true
},
(error, result) => {
if (error) {
return res.status(500).send(error)
}
return res.send(result)
}
)
And this will delete my asset from cloudinary media library.
Question: Did I not need to pass the signature to the cloud function? Does the cloudinary.v2.uploader.destroy() have the signature request already built in? Just wondering why it let me delete the asset despite not passing the signature explicitly. Hope this question makes sense. Thanks!!
0
-
Hi Nick,
When you configure the SDK with your API key, API secret, and cloud name for your account, the SDK uses that information to calculate the necessary authentication details when making API calls on your behalf.
In general, if you're using one of our server-side SDKs, you won't need to create the Authorization header values (Admin API) or signature values (Upload API) yourself, the SDK will do so automatically. (one exception is if you're creating a signature to pass to front-end code which will use it to make an API call)
Regards,
Stephen
0
Post is closed for comments.
Comments
1 comment